Modifying Knowledge Risk Strategy Using Threat Lessons Learned from COVID-19 in 2020-21 in the United States

Abstract

2020 and 2021 have shown us that the likelihood of extreme events is more significant than we would have expected. Due to extreme circumstances, organizational resources are stretched to their limits, making organizations more vulnerable to attacks affecting their knowledge systems and knowledge assets. This paper conducts an intelligence-based threat assessment by analyzing published reports on events during the 2020-21 period against a set of five knowledge risks to identify threats and determine if they increase the likelihood of these risks occurring. We identify six possible changes in knowledge risk strategy to mitigate these threats: proper knowledge identification, guidelines for employee online behavior, identification and evaluation of online communication channels, re-evaluation of how work is to be performed, creation of knowledge capture processes for departing personnel, and performing a knowledge risk re-assessment. Additionally, we conclude that organizations need expertise in identifying and countering misinformation and disinformation to defend themselves from these new cyber threats.